- Microsoft Corp (NASDAQ:MSFT) has patched a zero-day vulnerability affecting all supported versions of Windows, which per researchers, hackers exploited to launch ransomware attacks.
- Microsoft said on Tuesday that an attacker who successfully exploited the vulnerability in the Windows Common Log File System (CLFS) could gain full access to an unpatched system, TechCrunch reports.
- Russian cybersecurity company Kaspersky says hackers exploited the flaw to deploy Nokoyawa ransomware, predominantly targeting Windows servers belonging to small and medium-sized businesses in the Middle East, North America, and Asia.
- Financially motivated cyber criminals actively exploit zero-day Kaspersky says.
- Also Read: Microsoft Taps OpenAI’s Latest GPT-4 For Cybersecurity Solutions
- Nokoyawa, first observed in February 2022, encrypts files on systems it compromises, but the operators also claim to steal valuable information that they threaten to leak pending a ransom. Reportedly, the ransomware bears links to the now-defunct Hive ransomware gang.
- U.S. cybersecurity agency CISA added the newly patched Windows vulnerability to its known exploited vulnerabilities catalog and urged federal agencies to update systems before May 2.
- Microsoft fixed almost 100 flaws under its regularly scheduled Patch Tuesday update.
- It also rectified a remote code execution flaw that could allow a remote, unauthenticated attacker to run their code with elevated privileges on affected servers with Microsoft’s Message Queuing service enabled.
- Price Action: MSFT shares traded higher by 0.11% at $263.80 premarket on the last check Thursday.
Flybondi Takes The Skies By Storm With NFT Ticketing
Argentine low-cost airline Flybondi made a move into the blockchain space by issuing its e-tickets as non-fungible tokens (NFTs).
